As I described in this earlier thread our PlayBook apps have no mechanism to retrieve their license key, and the presently supported mechanism requires tedious manual actions by users who have no idea what they should do. It's a wholly unusable system at present except perhaps in case of very experienced users.

As we seem to have no earlier thread directly requesting this, and didn't have a ticket for it, I assume it's not high on anyone's priority list, developers included. Nevertheless, piracy is happening, and I can think of no technical reason why this can't be done right now, other than perhaps that the current App World client for PlayBook simply doesn't support it. I also suspect this is something many developers want, but they simpler haven't made it a top priority yet and are simply waiting for it to come, but frustrated with the lack of direction or information on it.

I think we don't even need a sophisticated API for this. All PlayBook apps already have an /app/META-INF folder which contains metadata, including the digital signatures and MANIFEST.MF file.

A single entry added to MANIFEST.MF on-the-fly would suffice, or for an even simpler approach a "license.txt" file could simply be added to that META-INF folder, containing the exact characters which are in the license key from the dynamic license server or which the App World server chose from the license pool. I believe all the supported SDKs provided a simple way to read a text file from the filesystem.

If you would like to see this, please "Like" this post and/or vote on the ticket (once it's public) and I'll see if we can at least get some feedback on the plans for this.

---Spends time in #blackberrydev on freenode (IRC)----Three simple rules:1. Please use the search bar before making new posts.2. "Like" posts that you find helpful.3. If a solution has been found for your post, mark it as solved.--I code too much. Well, too bad.

Re: Programmatic access to license keys for PlayBook apps

That folder is no more protected than the app's own code, for now. That means that while it's entirely inaccessible (ignoring rooted tablets) to other apps, it is currently included in the backup data.

There's already a ticket open to improve that situation, but it's a somewhat orthogonal issue in any case because the key is already displayed to users. Protecting the integrity of the key is a requirement, but it needn't be done by hiding it.

Depending on the degree of protection you want, you would take steps to eliminate the risk of keys being posted online. The usual approach would involve something like having the key coupled to information about the device, such as the PIN, or possibly to a user through their BBID.

App World already has facilities to assist with this, as it is supposed to report PIN and user email (BBID?) and other info to your dynamic license server when it requests a key. You would record that info, and then allow the app to be "activated" on first launch, by contacting your server and reporting the device PIN or user BBID.

A lesser form of protection would be available if you want to use a license pool. You would still need to activate the app in that case, but you wouldn't need the full license server with the App World interface. An app would merely report the key and the device/user info to your server, which would register that key as being in use. Any subsequent attempt to register a different device/user with the same key would imply that key had been published. You could simply reject the subsequent attempts and the "pirate" wouldn't be able to activate the app.

By the way, all the above is analogous to how I understand the situation works on phones right now. The key is visible to the user, but since several years ago the apps have had programmatic access to get the key, so the user no longer has to copy/paste anything to use it... it happens transparently.

All I'm looking for here is for PB apps to get the same capability or, at the very least or as a stopgap, for the serious usability problems with the current license key support on the PlayBook to be eliminated. That may be little more than rewording the dialog and allowing the user to copy the key from it in some fashion. (It may be the key is already copied automatically when that dialog is shown, but the user isn't told that, and it's not documented if true.)

Re: Programmatic access to license keys for PlayBook apps

Since AppWorld is pretty much the only game in town, wouldn't it be better to skip all this complicated licensing stuff and just allow the developer to make an on device query to AppWorld with an isRegistered() or isTrial() method?

Re: Programmatic access to license keys for PlayBook apps

Options like that are probably about equally effective, but may not be as simple to implement. I'd be happy to have any technique though, provided it didn't require that I first educate every new user about how to do something complicated.

My suggested approach (with license.txt) was intended to be something relatively trivial, since it involves only data already known to the App World client, and wouldn't require any change on the App World server. Given how slowly App World server changes are implemented, I thought this approach might get us something sooner....